From 945d69541cdf4273da076b31e53c20e7c1ac2d3b Mon Sep 17 00:00:00 2001
From: Amy Qualls <aqualls@gitlab.com>
Date: Wed, 17 Jul 2024 15:56:44 +0000
Subject: [PATCH] Proposes a subheading-length rule

To adhere to our style guide, test for subheadings longer than
70 characters.
---
 .markdownlint-cli2.yaml                                |  7 ++++++-
 ...16-9-excluded-analyzer-variable-behavior-change.yml |  2 +-
 doc/development/ai_features/duo_chat.md                |  4 +++-
 doc/development/documentation/topic_types/index.md     |  3 ++-
 doc/update/deprecations.md                             |  2 +-
 .../continuous_vulnerability_scanning/index.md         | 10 +++++++++-
 6 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/.markdownlint-cli2.yaml b/.markdownlint-cli2.yaml
index 61193d9c0d525..7aaa637eed6ef 100644
--- a/.markdownlint-cli2.yaml
+++ b/.markdownlint-cli2.yaml
@@ -16,7 +16,12 @@ config:
     style: "atx"
   hr-style:                         # MD035
     style: "---"
-  line-length: false                # MD013
+  line-length:                      # MD013
+    code_blocks: false
+    tables: false
+    headings: true
+    heading_line_length: 100
+    line_length: 800
   no-duplicate-heading:             # MD024
     siblings_only: true
   no-emphasis-as-heading: false     # MD036
diff --git a/data/deprecations/16-9-excluded-analyzer-variable-behavior-change.yml b/data/deprecations/16-9-excluded-analyzer-variable-behavior-change.yml
index ab34361a14361..07b31d61c3767 100644
--- a/data/deprecations/16-9-excluded-analyzer-variable-behavior-change.yml
+++ b/data/deprecations/16-9-excluded-analyzer-variable-behavior-change.yml
@@ -1,4 +1,4 @@
-- title: "Scan execution policies enforcing scans with an `_EXCLUDED_ANALYZERS` variable will override project variables"  # (required) Clearly explain the change, or planned change. For example, "The `confidential` field for a `Note` is deprecated" or "CI/CD job names will be limited to 250 characters."
+- title: "Scan execution policies using `_EXCLUDED_ANALYZERS` variable override project variables"  # (required) Clearly explain the change, or planned change. For example, "The `confidential` field for a `Note` is deprecated" or "CI/CD job names will be limited to 250 characters."
   removal_milestone: "17.0"  # (required) The milestone when this feature is planned to be removed
   announcement_milestone: "16.9"  # (required) The milestone when this feature was first announced as deprecated.
   breaking_change: true  # (required) Change to false if this is not a breaking change.
diff --git a/doc/development/ai_features/duo_chat.md b/doc/development/ai_features/duo_chat.md
index bedf2a29416d5..54f1bdc0a2efe 100644
--- a/doc/development/ai_features/duo_chat.md
+++ b/doc/development/ai_features/duo_chat.md
@@ -32,7 +32,9 @@ The chat aims to be context aware and ultimately have access to all the resource
 
 To scale the context awareness and hence to scale creation, ideation, and learning use cases across the entire DevSecOps domain, the Duo Chat team welcomes contributions to the chat platform from other GitLab teams and the wider community. They are the experts for the use cases and workflows to accelerate.
 
-### Which use cases are better implemented as stand-alone AI features or at least also as stand-alone AI features?
+### Which use cases are better implemented as stand-alone AI features?
+
+Which use cases are better implemented as stand-alone AI features, or at least also as stand-alone AI features?
 
 - Narrowly scoped tasks that be can accelerated by deeply integrating AI into an existing workflow.
 - That can't benefit from conversations with AI.
diff --git a/doc/development/documentation/topic_types/index.md b/doc/development/documentation/topic_types/index.md
index 3d03b07538b39..89cbf030d5b35 100644
--- a/doc/development/documentation/topic_types/index.md
+++ b/doc/development/documentation/topic_types/index.md
@@ -43,7 +43,8 @@ You should avoid:
 In general, for topic titles:
 
 - Be clear and direct. Make every word count.
-- Use fewer than 70 characters when possible.
+- Use fewer than 70 characters when possible. The [markdownlint](../testing/markdownlint.md) rule:
+  [`line-length` (MD013)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.markdownlint-cli2.yaml)
 - Use articles and prepositions.
 - Follow [capitalization](../styleguide/index.md#topic-titles) guidelines.
 - Do not repeat text from earlier topic titles. For example, if the page is about merge requests,
diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md
index 6c5856ded0882..d2894fae1d124 100644
--- a/doc/update/deprecations.md
+++ b/doc/update/deprecations.md
@@ -2017,7 +2017,7 @@ If you applied customizations to the removed analyzers, or if you currently disa
 
 <div class="deprecation breaking-change" data-milestone="17.0">
 
-### Scan execution policies enforcing scans with an `_EXCLUDED_ANALYZERS` variable will override project variables
+### Scan execution policies using `_EXCLUDED_ANALYZERS` variable override project variables
 
 <div class="deprecation-notes">
 - Announced in GitLab <span class="milestone">16.9</span>
diff --git a/doc/user/application_security/continuous_vulnerability_scanning/index.md b/doc/user/application_security/continuous_vulnerability_scanning/index.md
index a2dc4fc9d54c7..5d954418d764e 100644
--- a/doc/user/application_security/continuous_vulnerability_scanning/index.md
+++ b/doc/user/application_security/continuous_vulnerability_scanning/index.md
@@ -73,7 +73,15 @@ After a security advisory is published, it might take a few hours before the cor
 
 ## When vulnerabilities are no longer detected
 
-Continuous Vulnerability Scanning automatically creates vulnerabilities when a new advisory is published but it is not able to tell when a vulnerability is no longer present in the project. To do so, GitLab still requires to have a [Container Scanning](../container_scanning/index.md) or a [Dependency Scanning](../dependency_scanning/index.md) scan executed in a pipeline for the default branch, and a corresponding security report artifact generated with the up to date information. When these reports are processed, and when they no longer contain some vulnerabilities, these are flagged as such even if they were created by Continuous Vulnerability Scanning. This behavior has been introduced in 17.1 with [issue 441490](https://gitlab.com/gitlab-org/gitlab/-/issues/441490) and applies to scanners maintained by GitLab (`Trivy`, `gemnasium`, `gemnasium-python`, `gemnasium-maven`).
+Continuous Vulnerability Scanning automatically creates vulnerabilities when a new advisory is published
+but it is not able to tell when a vulnerability is no longer present in the project. To do so, GitLab
+still requires to have a [Container Scanning](../container_scanning/index.md) or a
+[Dependency Scanning](../dependency_scanning/index.md) scan executed in a pipeline for the default branch,
+and a corresponding security report artifact generated with the up to date information. When these reports
+are processed, and when they no longer contain some vulnerabilities, these are flagged as such even if
+they were created by Continuous Vulnerability Scanning. This behavior has been introduced in 17.1 with
+[issue 441490](https://gitlab.com/gitlab-org/gitlab/-/issues/441490) and applies to scanners maintained
+by GitLab (`Trivy`, `gemnasium`, `gemnasium-python`, `gemnasium-maven`).
 
 Improvements to this behavior, including requiring only to have a updated SBOM uploaded, are planned in [epic 8026](https://gitlab.com/groups/gitlab-org/-/epics/8026).
 
-- 
GitLab